Fix decryption of GPG key during CI publication

dalet-oss · Jan 2, 2024 · 8e0bf5d · 8e0bf5d
1 parent 34fce6a
commit 8e0bf5d
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/ci-publish.yml b/.github/workflows/ci-publish.yml
@@ -11,7 +11,7 @@ concurrency:
   cancel-in-progress: false
 
 jobs:
-  compile-and-test:
+  compile-test-and-publish-to-maven-central:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout

diff --git a/publish.sh b/publish.sh
@@ -24,7 +24,7 @@ then
   echo 'Version already available on Maven Central.  This must be a rebuild; nothing to do here.'
 else
   # Decrypt the gpg key used for signing
-  openssl aes-256-cbc -K $encrypted_a559f7c88919_key -iv $encrypted_a559f7c88919_iv -in secret.gpg.enc -out secret.gpg -d
+  openssl aes-256-cbc -K ${SONATYPE_GPGKEY_FILE_ENCRYPTION_KEY} -iv ${SONATYPE_GPGKEY_FILE_ENCRYPTION_IV} -in secret.gpg.enc -out secret.gpg -d
   export GPG_TTY=$(tty)
 
   # Work around some nonsense on the specific version of GPG that comes with Ubuntu - see https://www.fluidkeys.com/tweak-gpg-2.1.11/